| View previous topic :: View next topic |
| Author |
Message |
Flyte
Peanuts!!!!
 Reputation: 6
Joined: 19 Apr 2006
Posts: 1887
Location: Canada
|
 Posted: Sat Mar 31, 2007 4:17 pm Post subject: Problems with DLL_PROCESS_ATTACH. |
 |
|
Hello,
Lately I have been messing around with .dll injection. The problem is not the injector itself, Process Explorer says the .dll is injected, its the .dll I am injecting.
Now background reading has told me that when I call LoadLibrary() on a .dll it should send DLL_PROCESS_ATTACH to it. So in theory injecting this simple .dll should do the trick:
| Code: | #include <windows.h>
BOOL APIENTRY DllMain(HANDLE hModule, DWORD call, LPVOID lpReserved)
{
if (call == DLL_PROCESS_ATTACH)
{
MessageBox(0,"The dll has been injected.","Hello",0);
}
return TRUE;
} |
It however does absolutely nothing. I have tried other .dll's made by other people that are just for testing/example purposes, to no avail. As I said before, the injector is not the problem (I even tried CE to inject the .dll's and still nothing happens).
Any help would be appreciated.
- Flyte
P.S. Using Bloodshed compiler.
|
|
| Back to top |
|
 |
appalsap
Moderator
 Reputation: 0
Joined: 27 Apr 2006
Posts: 6753
Location: Pakistan
|
| Posted: Sat Mar 31, 2007 5:25 pm Post subject: |
|
|
BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
_________________
|
|
| Back to top |
|
|
Flyte
Peanuts!!!!
Reputation: 6
Joined: 19 Apr 2006
Posts: 1887
Location: Canada
|
| Posted: Sat Mar 31, 2007 6:05 pm Post subject: |
|
|
| appalsap wrote: | | BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved) |
I have also tried that as the entry point function before. It still does absolutely nothing. Thanks anyways Appalsap.
|
|
| Back to top |
|
|
appalsap
Moderator
Reputation: 0
Joined: 27 Apr 2006
Posts: 6753
Location: Pakistan
|
| Posted: Sat Mar 31, 2007 6:11 pm Post subject: |
|
|
Copied that straight from my trainer, it works.
_________________
|
|
| Back to top |
|
|
Flyte
Peanuts!!!!
Reputation: 6
Joined: 19 Apr 2006
Posts: 1887
Location: Canada
|
| Posted: Sat Mar 31, 2007 6:24 pm Post subject: |
|
|
| appalsap wrote: | | Copied that straight from my trainer, it works. |
It just doesn't.
I am using the CreateRemoteThread method to tell the process to load the .dll if it makes any difference (which it should not). As I have said before, I have tried using dummy .dll's made by other people for example purposes, and nothing happens.
|
|
| Back to top |
|
|
appalsap
Moderator
Reputation: 0
Joined: 27 Apr 2006
Posts: 6753
Location: Pakistan
|
| Posted: Sat Mar 31, 2007 6:29 pm Post subject: |
|
|
well then this is not a problem with the code, why post it in the programming section?!
_________________
|
|
| Back to top |
|
|
Flyte
Peanuts!!!!
Reputation: 6
Joined: 19 Apr 2006
Posts: 1887
Location: Canada
|
| Posted: Sat Mar 31, 2007 6:36 pm Post subject: |
|
|
| appalsap wrote: | | well then this is not a problem with the code, why post it in the programming section?! |
I thought it was a problem with the code, which would be why I posted it. Now if it is not something wrong with the code then this should work on my other computer. I will post back if it works or not.
Oh, and any idea's on what the problem could be?
Thanks,
Flyte
Edit: Again, absolutely nothing happened. Has anybody else had this problem before?
|
|
| Back to top |
|
|
Robotex
Master Cheater
 Reputation: 0
Joined: 05 Sep 2006
Posts: 378
Location: The pizza country!
|
| Posted: Sun Apr 01, 2007 3:06 am Post subject: |
|
|
| Code: | bool WINAPI DllMain(HMODULE hModule, DWORD dwReason, PVOID pvReserved)
{
if(dwReason == DLL_PROCESS_ATTACH)
{
MessageBox(NULL,"DLL Loaded!","DLL",MB_OK);
}
else if(dwReason == DLL_PROCESS_DETACH)
{
MessageBox(NULL,"DLL Unloaded!","DLL",MB_OK);
}
return true;
} |
I'm using that, if it still doesn't work, try changing compiler
_________________
ASM/C++ Coder
Project Speranza lead developer |
|
| Back to top |
|
|
benlue
Moderator
![]() Reputation: 0
Joined: 09 Oct 2006
Posts: 2142
|
| Posted: Sun Apr 01, 2007 5:34 am Post subject: |
|
|
| I doubt changing compiler will fix anything . That script you posted will probably work .
|
|
| Back to top |
|
|
Flyte
Peanuts!!!!
Reputation: 6
Joined: 19 Apr 2006
Posts: 1887
Location: Canada
|
| Posted: Sun Apr 01, 2007 5:35 pm Post subject: |
|
|
| I actually changed compliers right after my last post. It works now. For some reason Bloodshed doesn't want to compile it properly.
|
|
| Back to top |
|
|
benlue
Moderator
![]() Reputation: 0
Joined: 09 Oct 2006
Posts: 2142
|
| Posted: Mon Apr 02, 2007 6:46 am Post subject: |
|
|
| Flyte wrote: | | I actually changed compliers right after my last post. It works now. For some reason Bloodshed doesn't want to compile it properly. |
Bloodshed is trustworthy to me , what compiler are you using now ?
|
|
| Back to top |
|
|
Flyte
Peanuts!!!!
Reputation: 6
Joined: 19 Apr 2006
Posts: 1887
Location: Canada
|
| Posted: Tue Apr 03, 2007 8:30 am Post subject: |
|
|
| benlue wrote: | | Flyte wrote: | | I actually changed compliers right after my last post. It works now. For some reason Bloodshed doesn't want to compile it properly. |
Bloodshed is trustworthy to me , what compiler are you using now ? |
VC++ 5.0 - I got it from school and never bothered taking it off. Found it lying around on my hard drive.
|
|
| Back to top |
|
|
compactwater
I post too much
![]() Reputation: 8
Joined: 02 Aug 2006
Posts: 3923
|
| Posted: Thu Apr 12, 2007 6:09 pm Post subject: |
|
|
Bloodshed.net is the best free compiler out there.
Try it.
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
